Get latest articles directly in your inbox, stay up to date

tags

PCI PCI Community PCIDSS PCI DSS v4.0 PCI Requirements

The Time is Now for Future-Dated PCI Requirements
By Dan Lapierre on September 20, 2024

Hey PCI Champions! Don’t Breathe a Sigh of Relief Just Yet Congratulations on snagging your v4.0 Report on Compliance (ROC) and Attestation of Compliance (AOC)! You might be thinking, “...

Continue Reading
tags

Security PCI RSP PCIDSS4.0 PCIDSS PCI DSS v4.0 OBS Global

Take a Pit Stop – 5 Point Inspection Questions to Consider NOW before the 4.0 Last Lap
By Sherri Collis & Steve Levinson on June 21, 2023

2023 is flying by. Before you can say March 2024, v3.2.1 of the PCI DSS will be retired. Do you know what your organization needs to do to cross the v4.0 finish line, and how much time it...

Continue Reading
tags

Security PCI RSP PCIDSS4.0 PCIDSS PCI DSS v4.0

Three Steps to Avoiding an “In Place With Remediation” Status
By Sherri Collis & Steve Levinson on August 15, 2022

Three steps to avoiding the new "In Place with Remediation" status and using the seven P's to help -- prior proper planning prevents p*#s poor performance!

Continue Reading
tags

Security PCI Passwords DSS CDE Network Security secure operations PCI DSS v4.0 multi factor authentication mfa remote access QSA

DSS 4.0 Clarifies, Strengthens MFA Requirements
By Jordan Wiseman & Kurt Outwater on June 2, 2022

MFA under v4.0: No more admin bypass. And no more accessing the CDE without it. Start now and make sure you’ve got the time to set up MFA correctly, and securely. Your users will thank...

Continue Reading
tags

PCI PCIDSS4.0 PCI Assessment PCI DSS v4.0

Authenticated Vulnerability Scanning
By Jeff Man on May 2, 2022

One of the most significant changes introduced in PCI DSS v4.0 involves the documented approach for performing internal vulnerability scans. The internal vulnerability scanning requirement...

Continue Reading
tags

PCI PCIDSS4.0 PCIDSS PCI DSS v4.0

Monitor the Monitoring
By Clark Dixon on April 21, 2022

There are two notable changes that may require a fair bit of runway to fully meet the existing requirement to monitor your critical security control systems.

Continue Reading
tags

PCI PCIDSS4.0 PCIDSS PCI DSS v4.0

Understanding the Changes to Appendix A1: Multi-Tenant Service Providers
By Adam Gaydosh on April 21, 2022

Are you a SaaS? Do you offer various shared services to merchants and other service providers with access to resources or services being logically controlled or partitioned to keep...

Continue Reading
tags

PCI PCIDSS4.0 PCIDSS PCI DSS v4.0

Incident Response - Unexpected PAN Identified
By Mark Hannah on April 21, 2022

Mistakes with PAN happen! Data leaks, memory dumps, or debug logs can accidentally contain sensitive information and can leak data into unexpected places in your environment. It is now a...

Continue Reading
tags

PCI PCIDSS4.0 PCIDSS PCI DSS v4.0

Web Application Firewall - Automated Technical Solution
By Maryann Douglass on April 21, 2022

There are now two options to meeting the new requirement 6.4.2 for a web application firewall: WAF or RASP. Notice I didn’t say manual code review!

Continue Reading

Submit a Comment

Get latest articles directly in your inbox, stay up to date